Simulate an Attack

Using Risk Analyzer, you can simulate an attack on specific network segments to discover the places in your network most vulnerable to an attack. You can upload scan data at the device-group level and at the All Devices level, depending on the networks you want to analyze for risk. MSSPs can further segregate their scan data by customer domain.

  • If you plan to run attacks from networks that are not shared among device groups, it is recommended that you upload scan data at the device-group level. You will need to run attack scenarios from device-group-level Device Maps.
  • If you plan to run attacks from networks that are common among multiple device groups or all devices in Security Manager, it is recommended that you upload scan data at the All Devices level. You will need to run attack scenarios from the All Devices Device Map.
  • Scan data uploaded at the device-group level is not shared among other device groups and it is NOT automatically included in the All Devices scan data.
  • Scan data uploaded at the All Devices level is not inherited by user-created device groups.
  • If you upload scan data at the device-group level but do not also upload that same scan data for All Devices, it is possible that an attack run from a network at the device-group level will show different results than an attack from the same network run at the All Devices level.
  • You can upload scan data for as many devices as you like. However, Security Manager will parse scan data for only the number of devices that you have licensed. Risk analysis will terminate once that number of device licenses is met. If you upload scan data for fewer devices than are affected by the risk scenario, your analysis results may not accurately reflect the real risk to your network.

To simulate an attack through Risk Analyzer, complete the following steps.

  1. On the toolbar, click Risk Analyzer > Risk Map.
  1. Right-click on a network segment in the map, then click Attack From Here.

Risk Analyzer simulates a 360° attack on the network originating from the network segment you selected. The attack is represented on the map by arcs from one network segment to another.